Open
Cached
·
just now
75/100
SECURITY SCORE
Certificate Information
Subject
CN=mail.idafix.de
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
December 27, 2025
Valid Until
March 27, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
99:A2:15:A5:CF:C5:37:54:4B:C2:1A:48:0C:69:8E:D5:E5:93:B7:70:D8:93:8C:75:17:1B:60:10:D4:AB:6E:E9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
mail.codesfree.de
mail.0x007.de
mail.allahu-aqua.de
mail.b-cl.de
mail.baltruweit.net
mail.barth-mk.de
mail.benkato.de
mail.bif44.com
mail.bobko.at
mail.carabot.net
mail.carolarts.net
mail.cbg90.de
mail.celeber.de
mail.crowo.net
mail.cryptexbot.eu
www.daniel-himmelsbach.com
mail.db-gutachter.de
mail.deep-sale.com
mail.diagramide.com
mail.dj-kushi.de
mail.dormar.de
mail.dr-goeroeg.at
mail.dusthost.de
mail.dustinhanke.de
mail.easymeet.me
mail.fiebeler.eu
mail.filizbisar.com
fredvoneddi.de
mail.fredvoneddi.de
www.fredvoneddi.de
mail.fv0.de
mail.garfi3ld.de
mail.gastrolia.com
mail.giannasasso.net
mail.gkunau.de
mail.glatzer.fr
mail.gliderjosh.de
mail.grumi.de
mail.hagemes.com
mail.holgerhass.com
mail.idafix.de
mail.imb-beartung.de
mail.infinittag.com
mail.jakob-r.de
mail.jan-te.de
mail.jaskowski.at
mail.jayhero.de
mail.jomapp.de
mail.kalinci.net
mail.knockouta.de
mail.leadportal.de
mail.lhsbs.com
mail.liebeskind.info
linevast-hosting.in
mail.linevast-hosting.in
www.linevast-hosting.in
mail.lorenz-perl.de
mail.magella.de
mail.main-dc.de
mail.malerlando.de
mail.mig-kassen.de
mail.mllmnn.de
mail.noname-nev.de
mail.norsecorby.de
mail.oevermann.org
mail.pankownaut.de
mail.paul-helmes.de
mail.pfiadi.de
mail.phx-clan.de
mail.printxpert.de
mail.pxbox.eu
mail.qoopido.com
mail.qoopido.de
mail.radeke.li
mail.retr0dev.de
mail.ritterchens.net
ritterchens.net
www.ritterchens.net
mail.rudolfbaun.de
mail.sarahblum.at
mail.scheibcn.com
mail.sfa-siegen.de
mail.smabi.de
mail.so-jetzt.de
mail.stweiss.de
mail.taxariargo.de
mail.tcgs-shop.de
mail.teamquiet.net
mail.tfm-clan.de
mail.theduke-xii.de
mail.theilmann.nl
mail.thl.codes
mail.tradl.me
mail.trafurika.com
mail.viertaktfan.de
viertaktfan.de
www.viertaktfan.de
mail.wardyz.net
mail.websolutely.de
mail.zielmagnet.de
Other domains in certificate